CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

129 matches found

ATTACKERKB•added 2026/05/27 7:33 a.m.•12 views

CVE-2026-49001

Cross-site request forgery CSRF vulnerabilities allow attackers to exploit a user's authenticated session to forge cross-site requests, inducing the execution of unintended operations such as tampering with configuration data...

5.3CVSS5.8AI score0.00109EPSS

Exploits0References2

Cvelist•added 2026/05/09 7:16 p.m.•37 views

CVE-2026-42333 quarkus-openapi-generator has overly broad path-parameter matching that sends authentication headers to unintended operations

Quarkus OpenAPI Generator is Quarkus' extensions for generation of Rest Clients and server stubs generation. Prior to versions 2.11.1-lts, 2.16.0-lts, and 2.17.0, the generated authentication filter matches OpenAPI path templates too broadly when deciding whether to attach credentials. A security...

6.3CVSS0.004EPSS

Exploits0References5

ATTACKERKB•added 2026/02/03 6:56 a.m.•4 views

CVE-2026-20704

Cross-site request forgery vulnerability exists in ELECOM wireless LAN products. If a user accesses a malicious page while logged-in to the affected product, unintended operations may be performed...

5.1CVSS6.1AI score0.00133EPSS

Exploits0References3Affected Software15

CNNVD•added 2025/12/17 12:0 a.m.•3 views

ASUS Live Update 安全漏洞

ASUS Live Update is an automated driver and firmware update tool from Asus China. A security vulnerability exists in ASUS Live Update, which stems from a supply chain attack that results in a tampered version, which could cause the device to perform unintended operations...

9.8CVSS6.8AI score0.01084EPSS

Exploits0References2

NVD•added 2025/12/16 5:16 a.m.•6 views

CVE-2025-59479

CHOCO TEI WATCHER mini IB-MCT001 contains an issue with improper restriction of rendered UI layers or frames. If a user clicks on content on a malicious web page while logged into the product, unintended operations may be performed on the product...

6.1CVSS0.00159EPSS

Exploits0References2

Cvelist•added 2025/12/16 4:48 a.m.•27 views

CVE-2025-59479

5.1CVSS0.00159EPSS

Exploits0References2

CNNVD•added 2025/12/16 12:0 a.m.•4 views

Inaba Denki Sangyo CHOCO TEI WATCHER mini 安全漏洞

Inaba Denki Sangyo CHOCO TEI WATCHER mini is a series of surveillance cameras from Inaba Denki Sangyo. A security vulnerability exists in Inaba Denki Sangyo CHOCO TEI WATCHER mini, which stems from an improperly restricted rendering UI layer or framework, which could result in the execution of...

6.1CVSS5.2AI score0.00159EPSS

Exploits0References2

Positive Technologies•added 2025/11/21 12:0 a.m.•4 views

PT-2025-47669

Cross-site request forgery vulnerability exists in LogStare Collector. If a user views a crafted page while logged, unintended operations may be performed...

6.9CVSS6.9AI score0.00122EPSS

Exploits0References3

NVD•added 2025/11/19 2:15 a.m.•4 views

CVE-2025-12852

DLL Loading vulnerability in NEC Corporation RakurakuMusen Start EX All Verisons allows a attacker to manipulate the PC environment to cause unintended operations on the user's device...

8.4CVSS0.00122EPSS

Exploits0References1

Vulnrichment•added 2025/11/19 1:1 a.m.•2 views

CVE-2025-12852

DLL Loading vulnerability in NEC Corporation RakurakuMusen Start EX All Verisons allows a attacker to manipulate the PC environment to cause unintended operations on the user's device...

8.4CVSS6.4AI score0.00122EPSS

Exploits0References1

Positive Technologies•added 2025/11/19 12:0 a.m.•4 views

PT-2025-47418

DLL Loading vulnerability in NEC Corporation RakurakuMusen Start EX All Verisons allows a attacker to manipulate the PC environment to cause unintended operations on the user's device...

8.4CVSS6.8AI score0.00122EPSS

Exploits0References2